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15 BACKGROUND OF THE INVENTION 

1. Field of the Invention 

[04] The present invention relates to technology for preventing fraud in 
credit/debit card payment systems. 

20 

2. Description of the Related Art 

(051 Previously, measures for preventing fraudulent use of credit cards in 
card transaction payment systeins have included two methods: a credit check for the card 
used and cardholder validation. 

25 [061 Credit involves recognizing the validity of the card, for example, 

whether the credit card has been stolen or whether the credit limit has been exceeded. This 
procedure is usually carried out by sending card information, such as the credit card number, 
from a card transaction terminal located in the member store to a fransaction authorization 
computer, which is a host computer at the credit card company, a merchant bank computer, or 

30 tiie like, referencing card information stored in a database within the fransaction authorization 
computer, confirming the available credit line, etc., and determining whether the card can be 
used. When a credit card holder wants to use a credit card to pay for goods or services at a 
credit card member store (hereinafta* "member store"), a credit check for the card is first 

1 



carried out at the member store. Normally, a credit check proceeds by sending card 
infomiation, such as the card number and expiration date, through a credit card transaction 
terminal (hereinafter "transaction terminal*') located in the member store to a settlement 
payment computer and requesting the credit check. When the transaction authorization 
5 computer receives the credit check request, the transaction authorization computer references 
the database to find out whether the pertinent credit card has been made unusable by being 
reported lost or stolen, and whether the credit limit for the card will be exceeded by the 
current transaction. The information regarding whether payment with the pertinent 
credit/debit card is allowed, based on the results of the check, is sent to the aforementioned 

10 card transaction terminal at the member store. Card information stored in the database 

includes, for example, the cardholder address, telephone number, birth date, registered PIN 
(Personal Identification Number), the credit limit, and the number of credit card transactions 
permitted within a specified period. When the transaction authorization computer reports the 
results of the credit check to the card transaction terminal at the member store, a transaction 

15 authorization code is issued. When the results of the credit check permit credit card payment, 
a credit card sales receipt, whereon the transaction authorization code is recorded, is issued 
by the card transaction terminal at the member store, and the card user validation process is 
performed. 

[07] The user validation process involves comparing the customer signature 
20 receipt with the signature previously inscribed on the credit card, by coniparing the face of 
the card user with a photograph on the card for cards having photographs, or by checking the 
PIN input by the card user to the card transaction terminal against the PIN previously stored 
in the database of the transaction authorization computer. Measures for preventing fi-audulent 
card usage in the conventional art include recording the loss of a card in the transaction 
25 authorization computer database when the cardholder loses his or her card, and performing a 
credit check with the transaction authorization computer every time the card is used to 
prevent fi-audulent use by a person who found the card. In addition, performing a user 
validation procedure, such as PIN input every time the card is used for pajonent, makes it 
possible to deal with a situation where there is no information to prevent the use of a lost 
30 card. 

[08] In the above prior art, when a card is lost or stolen, the card iiser 
quickly contacts the credit company and adds "usage not allowed" to the card information in 
the database. As a result, when a third party tries to use the card, "usage not allowed" is 
determined in the credit check and can make it impossible to use that card. However, with 
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the broad dissemination of various types of cards, such as credit cards, it is often the case that 
a single user has a plurality of cards and may not be immediately aware of the fact that a card 
is lost or stolen. Furthermore, all the cards possessed by a user may not carried, and it is 
often the case that discovery of the loss or theft of a card is delayed. 
5 [09] For most current credit cards, information such as the card number, 

card expiration date, user name, and so forth is printed on the surface of the credit card and is 
recorded on the magnetic tape affixed to the card. These credit cards and transaction 
authorization systems have the disadvantage that card information necessary for recognizing 
the card number, expiration date, cardholder, and cardholder signature is easily stolen from 

10 the card or terminal Consequently, the cardholders and credit card companies face 
considerable liabilities because of card forgery or theft. For example, the method of 
recognizing a user by comparing the PIN input by the user to the PD^ stored in the transaction 
authorization computer is a secure user validation method because, in theory, the PIN is 
information known only by the bona fide user of the credit card. However, cases have 

15 occurred wherein PINs have been stolen by modifying the card transaction terminal 

established in the member store and stealing and recording the PIN r input by a user when the 
card information is acquired. Thus, user validation technology using a PIN is not necessarily 
effective in preventing the illicit use of stolen or forged cards. The debit card payment 
system,, a shopping service using cash transfer cards, has the same types of problems as the 

20 aforementioned credit cards with regard to security against the leakage of card information. 

[10] Related niaterials include the Japanese Patent Laid-open Nos. 2001- 
21789, 2001-175751, and 2001-134684. 

[11] Japanese Patent Laid-open No. 2001-21789 relates to encrypting a 
password or the like and inputting the password from the user terminal directly to a 

25 verification center in order to ensure security in transactions on the Internet. Japanese Patent 
Laid-open No. 2001-175751 relates to a dedicated terminal comprising a card reader used by 
a user in order to improve the security in credit processing for credit card payments in on-line 
shopping. Japanese Patent Laid-open Nos. 2001-21789 and 2001-175751 both relate to 
security in the payment of virtual transactions concluded by credit card and do not relate to 

30 security for credit card transactions concluded in an actual store. Japanese Patent Laid-open 
No. 2001-134684 makes it possible to use a cellular phone to purchase items from an 
automatic vending machine by specifying the user with the cellular phone user ID and having 
a credit card company provide payment. Japanese Patent Laid-open No. 2001-134684 is also 
not related to security for credit card transactions in an actual store. 
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BRIEF SUMMARY OF THE INVENTION 
[12] In view of the problems with the prior art discussed above, issues to be 
resolved by the present invention include (1) preventing transaction authorization when the 
5 credit card is lost or stolen or when it appears that the card ID information has been copied, 
and (2) eliminating the danger that information necessary for user validation, such as the PIN, 
can be stolen during the payment process. 

[13] The present invention provides a method, system, and terminals for 
credit card and debit card transactions, that can resolve these problems. 

10 [14] The method of the present invention for providing secure, bona fide 

credit/debit transactions, using a card transaction terminal in a credit/debit card member store, 
includes the steps of: storing information for recognizing a credit card user in a database 
capable of being accessed by a host computer to which said card transaction terminal is 
connectable; sending information relating to said credit transaction payment from said card 

15 transaction terminal to a portable communication terminal containing information relating to 
the identity of said credit card user registered therein; inputting said identity information and 
said information relating to said credit transaction payment to said host computer through 
said portable communication terminal; and verifying said credit card user as the authentic 
cardholder on the basis of said validation and identification information. 

20 [15] Moreover, the present invention provides a method of authorizing 

credit/debit card transactions, using a card transaction terminal in a credit card member store, 
comprising the steps of: storing location information of said card transaction terminal in a 
database capable of being accessed by a host computer to which said card transaction 
terminal is connectable; sending information relating to said credit transaction payment from 

25 said card transaction terminal to a portable communication terminal containing information 
relating to the identity of said credit card user; inputting information relating to the current 
location of said portable commimication terminal to said host computer; and recognizing said 
credit card user as the authentic cardholder when said location of said portable 
commimication terminal is within a predetermined range from of said card transaction 

30 terminal. 

[16] Furthermore, the present invention provides a method of authorizing 
credit/debit card transactions, using a card transaction terminal in a credit card member store, 
comprising the steps of: storing information for recognizing a credit card user and the 
location information of said card transaction terminal in a database capable of being accessed 
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by a host computer to which said card transaction terminal is coniiectable; sending 
information relating to said credit transaction payment from said card transaction terminal to 
a portable communication terminal containing information relating to the identity of said 
credit card user; inputting said identity information and information relating to payment of 
5 said credit transaction to said host computer through said portable comrnunication terminal; 
and recognizing said credit card user as the authentic cardholder on the basis of said 
validation and information; inputting information relating to the current location of said 
portable communication terminal to said host computer; and authorizing said credit card 
payment when the location of said portable communication terminal is within a 

1 0 predetemiined range of the location of said card transaction terminal. 

[17] The system of the present invention, as pertains to credit and debit card 
transactions taking place at a transaction terminal located in a credit card/debit card member 
store comprises: a host computer capable of communicating with said card transaction 
terminal and capable of canying out transaction validation processing on the basis of 

15 information sent from said card transaction terminal; wherein said host computer is capable 
of accessing a database storing information for validating a credit card user; and said host 
computer identifies said credit card user as an authentic cardholder on the basis of 
information for recognizing said credit card user and identity information, when information 
relating to identity of said credit card user and said information relating to said credit 

20 transaction validation are inputted from a portable communication terminal having said 
identity information registered therein. 

[18] Also, the present invention provides a transaction authorization system 
in credit transactions, for carrying out payment by credit/debit card using a card transaction 
terminal in a credit card member store, comprising a host computer being capable of 

25 communicating with said card transaction terminal and carrying out said settlement process 
based on information sent from said card transaction terminal; wherein said host computer is 
able to access a database to which location information for said card transaction terminal is 
registered in advance; and said host computer identifies said credit card user as an authentic 
cardholder on the basis of said location information of said portable communication terminal 

30 and the location information of said card transaction terminal, when information relating to 
identity of the credit card user and said information relating to the credit transaction 
settlement are inputted from said portable communication terminal, to which said identity 
information is registered in advance. 



5 



[19] Moreover, the present invention provides a portable communication 
terminal device capable of being used for credit card authorization, including: a wireless 
communication component for sending and receiving v^ireless signals for transmitting 
information through a public conimunication network; a main controller connected to this 
5 wireless communication component; a key input component for inputting data and connected 
to said main controller; a display screen coimected to said main controller; a inemory, for 
storing information relating to said credit card therein and connected to said main controller; 
and a card transaction terminal communication component connected to said main controller; 
wherein said card transaction terminal communication component is configured to be able to 

10 receive information relating to the settlement from the card transaction terminal in the credit 
card member store; and said main controller is constituted to be able to control the sending of 
the information for verifying that said credit card user is the bona fide cardholder, aloiig with 
said information relating to the transaction, through said wireless conimunication component. 

[20] As the invention of a card transaction terminal that can resolve these 

15 problems, the present invention provides a card transaction terminal for carrying out credit 
transaction settlements at a credit card member store and includes: a card reader for reading 
credit card information; a main controller connected with said card reader; a first 
communication component, connected with said main controller, for communicating with a 
host computer; a second communication component, connected with said main controller, for 

20 establishing a wireless coimection with a portable terminal device in which the cardholder's 
identity information is stored; wherein said controller is able to send the credit card 
information read by said card reader to said host computer and receive the code for 
specifying the authorization for the transaction from said host computer through said first 
communication component, and to send said code thus received through said second 

25 communication component. 

[21] In addition, the present invention provides a card transaction terminal 
for carrying out credit/debit card transactions at a credit card member store which includes: a 
terminal control with which data input operations are performed; a main controller connected 
with said terminal control; a first communication component, coimected with said main 

30 controller, for communicating with a host computer; a second communication component, 
connected with said main controller, for establishing a wireless connection with a portable 
terminal device in which the cardholder's identity information is stored; wherein said 
controller is able to send, to said cellular phone, transaction price data corresponding to the 
product information input from said terminal control and a code for specifying the member 
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store where the card transaction terminal is located, and to receive, from said cellular phone, 
a code specifying authorization of the transaction and a code specifying transaction 
completion, both codes transmitted through said second communication component, and is 
further able to send said code specifying transaction completion from said first 
5 communication component to said host computer. 

[22] The present invention makes it possible to prevent the fraudulent use 
of cards or the like, even when the card has been lost or stolen or card information or the like 
has been revealed, and can improve security in the settlement of credit transactions. 

BRIEF DESCRIPTION OF THE DRAWINGS 
[23] Figure 1 shows a payment system relating to the first embodiment of 
the present invention; 

[24] Figure 2 is a block diagram of the configuration of the cellular phone 
relating to the first embodiment of the present invention; 

[25] Figure 3 is a block diagram of the configuration of the card transaction 
terminal relating to the first embodiment of the present invention; 

[26] Figiue 4 is a block diagram of the configuration of the host computer 
relating to the first embodiment of the present invention; 

[27] Figure 5 shows an example of the information stored in the database 
relating to the first embodiment of the present invention; 

[28] Figure 6 illustrates the user validation process flow according to the 
first embodiment of the present invention; 

[29] Figure 7 illustrates the process flow for the user validation process 
according to the second embodiment of the present invention; and 

[30] Figure 8 illustrates the process flow for the credit administration 
process according to the third embodiment of the present invention. 

DESCRIPTION OF THE PREFERRED EMBODIMENTS 
[31] The embodiments of the present invention are explained below with 
30 reference to Figures 1 through 8. 

[32] In the present invention, the credit card user uses a portable 
communication terminal registered in advance to the host computer of a credit card company 
or other similar company providing this service, and for implementation of the credit 
administration process and the user validation process. 
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[331 The first embodiment of the invention is explained with reference to 
Figures 1 through 6. The credit card transaction systeni relating to the present embodiment is 
explained using Figure 1 . A transaction terminal for credit and debit card transactions 
(hereinafter "transaction terminal") 300 is established in a credit card/debit card member 
5 store (hereinafter "member store") 3000, (Below, when reference is made to a credit card or 
credit card company, it will be understood such reference includes debit cards, and other 
similar cards.) This transaction terminal 300 is connected to a host computer/transaction 
authorization computer 400 of the a credit card company through a general public network 
500 such as a subscriber telephone network or an ISDN network. Credit card 200 is a credit 

10 card used by the credit card holder in order to pay for the purchase of products or the fees for 
services received at member store 3000. Moreover, cellular phone 100 is a portable 
communication terminal owned by tfie credit card holder and is able to connect to the host 
computer/transaction authorization computer 400 of the credit card company through wireless 
network 600. The ID number or the like for cellular phone 100 is stored in the host computer 

15 of the credit company in advance. Credit card 200 is the credit card for which such 

information as the card number, cardholder name, and expiration date resides in the credit 
company computer. Transaction terminal 300 located in the member store 3000 is a credit 
card transaction device. The card transaction terminal sends the card information for credit 
card 200 through network 500 to the host computer/transaction authorization computer 400 of 

20 the credit card company, requests credit administration, and issues a bill in a case where the 
result of credit administration is that settlement is possible. Host computer/transaction 
authorization computer 400 has in its database credit card information and private 
information for the cardholder, the card history, and member store information such as the 
member store number, store name, and store location. When a request for credit 

25 administration is received, the host computer searches for the credit information 

corresponding to the card information and the amount of the purchase, and deteraiines 
whether the card can be used. The wireless network 600 performs the switching between 
cellular phone 100 and general network 500. 

[34] The configuration of cellular phone 1 00 is explained with reference to 

30 Figure 2. Cellular phone 100 comprises a transaction terminal communication component 
1 10, a wireless communication component 130, a key input 101, a display 102, a vocal 
sound input 103, a vocal sound output 104, and a memory 123, each connected to main 
controller 120. Main controller 120 comprises a central processing unit (CPU) (not shown), 
as well as a credit administration processor 121 and a user validation processor 122. 
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Transaction terminal communication component 1 10 is a circuit providing an interface for 
infonnation exchange between cellular phone 100 and transaction terminal 300, which is 
located in member store 3000, In the present embodiment, communication between cellular 
phone 100 and transaction terminal 300 uses a wireless connection using a different 
5 frequency from the frequency band used by cellular phones. This wireless connection is used 
in wireless LANs, such as Bluetooth (trademark of Ericsson Inc.), using the 2.4 GHz 
frequency band, for example. The communication system between cellular phone 100 and 
transaction terminal 300 may also employ a method of information exchange through a 
wireless communication system, using infrared instead of radio waves, or through a wired 

10 connection. Wireless commvmication component 130 is a circuit for sending and receiving 
wireless signals for information exchange between cellular phone 100 and wireless network 
600, and makes it possible to connect the cellular phone with credit transaction authorization 
computer 400 or with the Intemet. 

[35] Main controller 120 includes credit administration processor 121 for 

15 sending card information such as the card number and expiration date to credit transaction 
authorization/host computer 400 and implementing the credit administration process; and 
user validation processor 122 for sending the PIN input by the credit card user using cellular 
phone 100 to settlement computer 400 of the credit card company and for cmxying out the 
user validation process. The main controller also controls all cellular telephone fimctions 

20 including voice communications and Intemet comiections. The dialing operations and 
memory dialing operations when the cellular phone 100 is used as a voice phone, Intemet 
information retrieval operations, and the PIN input operation during user validation are 
performed using the key input 101 . PIN input may also be carried out through voice 
recognition, but is performed through key input in the present embodiment. Furthermore, the 

25 status of cellular phone operations, such as the progress of credit processing using cellular 
phone 100, is displayed on display 102. 

[361 Transaction terminal 300 in the member store is explained with 
reference to Figure 3. Cellular phone communicatioii component 310, which is a second 
cornmunication component, general network communication component 330, which is a first 

30 communication component, card reader 340, terminal control 350, display 360, and printer 
370 are each connected to main controller 320. Main controller 320 comprises a central 
processing unit (CPU) (not shown), as well as a credit administration processor 321 and a 
user validation processor 322. Credit administration processor 321 and user validation 
processor 322 are not necessarily circuits or devices independent of the CPU and niay also be 
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part of the functions of the CPU. Cellular phone communication component 310 carries out 
information transfer between cellular phone 100 and transaction terminal 300. Main 
controller 320 carries out centralizied administration of all controls for transaction terminal 
300, while executing the credit administration process with settlement computer 400 
5 according to the credit administration processor 321 , or the user validation process with the 
settlement computer 400 according to the user vaUdation processor 322. General network 
communication component 330 connects to the general network to effect information transfer 
between card transaction terminal 300 and settlement computer 400. Card reader 340 reads 
the information bout the credit card from a magnetic stripe or a memory chip embedded in 

10 the card. Terminal control 350 is an operation input device for mnning transaction terminal 
300; input keys or a touch panel are used. When user vaUdation is performed through 
transaction terminal 300, the PIN is input to PIN code input 351 located in terminal control 
350. Display 360 is a device for showing the settlement amount of the account or settlement 
process status; a liquid crystal display device is used in the present embodiment. When bills 

15 or receipts are issued, printer 370 prints the transaction bill and receipt according to the 
instructions from main controller 320. 

[37] The configuration of settlement computer 400 is explained with 
reference to Figure 4. Credit settlement computer 400 comprises a communication 
component 410, a settlement processor 420 connected to communication component 410, and 

20 a database 430 connected to settlement processor 420. Settlement processor 420 comprises a 
credit administration processor 421 and user vaUdation processor 422. The cardholder's 
private information 431, card information 432, card history information 433, and the member 
store information 434 are stored in the database 430. Information, such as the name, address, 
telephone number, birth date, and employer of each user who is a valid credit card holder, is 

25 stored as the cardholder's private information 43 1 . Information such as the card number, 
card expiration date, and PIN is stored as the card information 432. Information such as the 
name, purchase date, and purchase location of products purchased using the credit card is 
stored as the card history information 433, and information such as the member store address 
and telephone number is stored as the member store information 434. Communication 

30 component 410 exchanges information exchange with cellular phone IQO and allows 

information exchange with cellular phone 100 through a general phone line or the Intemet. 
In settlement processor 420, the credit administration process is carried out by credit 
administration processor 421 on the basis of card information received from communication 
component 410 and information in database 430; and the user validation process is carried 
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out by comparing the PIN data with the PIN information stored in the database by user 
validation processor 422. Credit settlement computer 400 is able to search information, such 
as calling the aforenientioned private cardholder information 431 for the name of the 
cardholder using the card number, or referencing prior card history information 433. 
5 Settlement processing means 421 is used to reference information from this database and to 
determine whether settlement is possible. The PIN is checked at the time of the credit 
administration process with credit administration processor 42 1 and user validation processor 
422. Settlement processor 420 references the database and carries out credit administration 
using the card information received through the aforementioned commimication component 

10 410, and, when the card is deemed usable, issues a settlement authorization number and sends 
that number to the transaction device of member store 3000. When the user validation 
process is carried out in member store 3000 using a validation method such as checking the 
signature, a bill including the settlement authorization number is printed by printer 370 and 
the card user is asked to sign this bill. 

15 [38] Figure 5 shows an example of the types of information stored in the 

database used for information reference during the credit administration process and user 
validation processor by the settlement computer. 

[39] In Figure 5, the card number, the cardholder name in Roman letters, 
cardholder name in other characters, card expiration date (year/month), report of loss or theft, 

20 PIN, and designation of user validation method correspond to the card information 432. The 
birth date, address, home telephone number, and cellular phone number correspond to the 
cardholder's private information 431; and the credit or expenditure limit per month, the 
amount paid or purchased by card (this month), the number of times the card has been used 
(this month), number of transactions by cell phone (this month), and the total points for the 

25 card, correspond to card history information 433. 

[40] Figure 6 shows an example of the payment process procedures in the 
credit card transaction system. Cellular phone 100 of he present invention is able to store 
information for the credit card 200 and is able to exchange card information data or the like 
through wireless transfer to transaction terminal 300 by using transaction terminal 

30 commimication component 110. The transaction terminal 300 also contains a cellular phone 
communication component 310 that can exchange data with the cellular phone through 
wireless transfer. At the time of purchase payment for a customer in member store 3000, the 
total purchase price or the prices of the individual items/services for items purchased by the 
customer is input to the transaction terminal 300. When the customer is a credit cardholder 
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(user) and requests to use the card for payment, the customer uses cellular phone 100 for 
wireless transmission of the card information to transaction terminal 300 in member store 
3000. hiformation processing during transmission of card information can be simply carried 
out without requiring a wired connection between the cellular phone 100 and transaction 
5 terminal 300. When cellular phone 100 is used only as an input device for user validation, 
without credit card information stored in the cellular phone, the card information c^ be 
transferred to transaction terminal 300 by reading the credit card 200 with the card reader in 
the card transaction terminal 300 at the member store. Next, transaction terminal 300 
transfers the card number information and purchase amount information to the transaction 

1 0 authorization computer 400, and requests credit administration. Under the control of credit 
administration processor 321 of main controller 320 of card traxisaction terminal 300, the 
conunand requesting credit administration is transferred to the credit administration processor 
of transaction processor 420 through general network communication component 330, 
general network 500, and communication component 410 of transaction authorization 

15 computer 400. Using credit administration processor 421, transaction authorization computer 
400 searches database 430 for the received card information and purcheise amount 
information, searches for information regarding a hold on the credit card and for the pertinent 
credit card information necessary for credit administration, checks for a report of loss or theft, 
and carries out the margin recognition process for the usable balance in the card information. 

20 When credit administration is successful, transaction processor 420 reports the successful 

credit administration, and, at the same, time issues a transaction authorization number, which 
is a credit administration result recognition number also used in payment processing on the 
bill. The credit administration results and transaction authorization number are transmitted to 
main controller 320 of transaction terminal 300 through communication component 410 of 

25 transaction authorization computer 400, general network 500, and the general network 
conununication component of the transaction terminal 300 in credit member store 3000. 
Furthermore, , in the present embodiment, the user validation method may be selected from 
among a method for checking the recorded PIN with PIN input through cellular phone 100, a 
method for checking the recorded PIN with PIN input at the member store, or a method for 

30 checking the signature of the cardholder. In other words, when the item "designation of user 
validation method" in the card information for the credit card is saved as "full-time", user 
validation by PIN input fi-om the cellular phone is carried out every time. When the item 
"designation of user validation method" is saved as "occasional selection", the card user is 
able to select the user validation method at the time of payment. This "occasional selection" 
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makes it possible to use different user validation methods in different situations. For 
example, cardholders shopping at stores they often patronize, select the user validation 
method using PIN checking from the member store settlement terminal. But when a 
cardholder enters an unfamiliar store name for the first time, the csu-dholder selects the user 
5 validation method using PIN checking through the cellular phone. 

[41] The procedures for the user validation process using PIN checking 
with the cellular phone are as follows. The credit card user receives the transaction niunber, 
received from the transaction terminal at the time of credit administration, through cellular 
phone communication component 310 of transaction terminal 300, and transaction terminal 

10 communication component 1 10 of cellular phone 100. Main controller 120 of cellular phone 
100 opens transmission to the credit settlement or authorization computer, once the user has 
implemented the user validation operation after receiving the transaction number, and 
establishes conraiunication. When the main controller of the cellular phone reports the 
transaction number to the transaction authorization computer 400, the transaction 

15 authorization computer references database 430 and communicates the member store name 
and purchase amount corresponding to the transaction number. In the present embodiment, 
the transaction information is converted to a voice signal by the voice signal converter in 
transaction processor 42Q of transaction authorization computer and is sent to cellular phone 
100 through public network 500 and wireless network 600. After the card user confirms the 

20 transaction information output from the vocal sound output of cellular phone 100, the card 
user inputs the PIN through key input 101 of the cellular phone during the interval when 
transaction authorization computer 400 is waiting for PIN input. The PIN input from key 
input 101 is converted to a DTMF (Dual Tone Multiple Frequency) tone signal and is sent to 
transaction authorization computer 400. In transaction processor 420 of computer 400, the 

25 PIN input by the card user using cellular phone 100 is distinguished from the DTMF tone 

signal received from cellular phone 100 and is checked against the PIN registered in advance 
and stored as card information 432 in database 430. Thus, the card user is identified as tiie 
bona fide cardholder. To increase security during transmission of the PIN, an encryption 
device may be provided in cellular phone 100 and a decryption device, in computer 400. 

30 When the PIN check is successful, a process completion nuniber is issued by user validation 
processor 122 in main controller 420 of transaction authorization computer 400 and is sent to 
cellular phone 100. In the main controller of cellular phone 100, processing by user 
validation processor 122 is also terminated with receipt of this number. Finally, the 
transaction completion number received from transaction authorization computer 400 is 

V 
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reported to transaction terminal 300 and the card user's transaction is complete. Afterward, 
when the user must decide whether to store tihis transaction information and chooses to do so, 
transaction infonnation pertaining to the card, such as the credit card member store name, 
amount paid by card, settlement number, and settlement completion number can also be 
5 stored. On the other hand, upon receiving this transaction authorization number from cellul^u: 
phone 100, the transaction terminal 300 of member store 3000 executes a process to 
immediately check the number with the transaction authorization computer 400. Upon 
completion of the number verification, the card user ends the user validation process and 
acknowledges the completion of the transaction process. After that, the transaction terminal 
10 300 issues a receipt for the purchase and ends the credit transaction process. 

[42] As discussed above, the danger of revealing the PIN, which is 
important card infomiation, is reduced because the credit card user can input the PIN with his 
or her own cellular phone without going through the transaction terminal located at the 
member store. 

15 [43] To increase security, user validation through a PIN checking process 

using a cellular phone 100, may also be performed as follows. The notification from cellular 
phone 100 is set up to be transmitted with a notification of the phone number. User 
validation processor 422 of transaction processor 420 of the trsmsaction authorization 
computer 400 recognizes the sender number notification in the notification sent from the 

20 cellular phone and received by communication component 410, and will not accept the 
transmission if the notification is sent from the cellular phone having the cellular phone 
number stored in database 430. Furthermore, in user validation processor 422, the transaction 
authorization number received with the DTMF tone signal is also a determining parameter 
and the process advances to the subsequent PIN checking process only when the following 

25 conditions match: the card information corresponding to the transaction authorization 

number, the stored cellular phone number corresponding to the card information, and the 
number in the sender phone number notification received by commvmication component 410. 
Increased security can thus be effected. 

[44] The second embodiment of the present invention is explained with 

30 reference Figure 7. This embodiment exemplifies a case where cellular phone 100 registered 
in the card transaction system has a location information detection function. The present 
embodiment differs from the first embodiment in that the cellular phone has a location 
information detection function. The configuration of transaction terminal 300 and 
transaction authorization computer 400 are the same as in the first embodiment. In the 
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present embodiment, the cellular phone system, including wireless network 600, provides a 
location information detection service. Wireless network 600 comprises a location 
information host computer for detecting the location of cellular phone 100. Location 
detection uses, for example, a method of finding the current location from the relative 
5 positions of cellular phone 100 and three base stations, such as are used in PHS (Personal 
Handyphone System), or a method of finding the current location with a GPS (Global 
Positioning Satellite)system using artificial satellites. In the present embodiment, the base 
stations specify the cellular telephone with the pre-registered telephone number and provide 
notification of the current location information of the cellular phone as latitude and longitude 

1 0 information through the communication network. 

[45] The process flow of a credit administration system using location 
information for a cellular telephone, and having a location information detection fimction, is 
explained with reference to Figure 7. Upon receiving a request for credit administration &om 
the member store transaction terminal 300, the transaction processor 420 of the transaction 

1 5 authorization computer searches the database with the card number, checks for a "report of 
loss or theft", and compares the transaction amount with the amoimt available for purchases 
calculated by subtracting the "amount paid by card (this month)" from the credit or purchase 
limit per month." Next, a credit administration process using the location information 
fimction is carried out. In this process, the item "response to location data of cellular phone," 

20 in the stored card information, is initially recognized. When a "not responding" message 
results, a detennination of whether the card is usable is returned to the transaction terminal 
located in the member store as the credit administration result for the credit administration 
request process because the location information for the cellular phone cannot be detected. If 
the result is a "responding" message, credit administration can be carried out with location 

25 information and transaction processor 420 sends a locatiori information detection request to 
the location information host in wireless network 600, with the parameter being the "cellular 
phone number" stored by the card user. 

[46] The location information host coniputer detects the current location 
information for the cellular phone in response to the detection request from transaction 

30 authorization computer 400. When the current location of the cellular phone can be specified 
as a result of the detection, the location information is converted to latitude and longitude 
information and sent to transaction authorization computer 400. When a current location 
caimot be specified, a notification of detection failure is sent to computer 400. Transaction 
authorization computer 400 receives the results of the cellular phone location information 



detection, and, when the location information could be successfiiUy acquired, the computer 
searches the member store information, stored in the database based on the member store 
number, for the location information in latitude and longitude format for the member store- 
Transaction authorization computer 400 then compares this information with the current 
5 location information for the cellular phone and calculates the distance. In the present 
embodiment, if the distance between these locations is within 10 m, for example, it is 
determined that the person carrying the registered cellular phone is at member store 3000 and 
that the credit card user is a valid user. If the distance is greater than 10 m, it is determined 
that this is fraudulent use of the card. Transaction terminal 300 is notified of these results. 

10 The distance between the locations is not limited to 10 m and may also be set to 15 m or 20 m 
for large-scale establishments. In addition, when card usage is authorized as result of this 
determination, the transaction authorization number may be sent to transaction terminal 300 
at the sanie time as the notification. When the results of the credit administration request are 
that "card use is allowed", transaction terminal 300 continues with the transaction processes, 

15 such as the issuing of the bill, using the received transaction authorization number and the 
user validation process. On the other hand, when it is determined that "card use is not 
allowed," that information is displayed on a display device of transaction terminal 300 and 
the transaction process is interrupted. In this way, credit administration is carried out such 
that the location information for the cellular phone is used as the current location of the valid 

20 card user and is compared with the location information at the member store. If the 

difference between the location inforaiation is within a set value, it is determined that this 
card is being used by a valid cardholder; and if the difference between the location 
information is greater than a certain distance, it is determined that use of the card is 
fraudulent. Fraudulent use of the card through the loss or theft of the card or through the 

25 theft of card information can thereby be prevented. 

[47) The third embodiment of the present invention is explained with 
reference to Figure 8, This embodiment exemplifies the sending and receiving of data to and 
from transaction authorization computer 400 through cellular phone 100. In the transaction 
process of the present invention, credit administration and user validation are carried out 

30 through cellular phone 100. Moreover, the configuration of the hardware is the same as in 
the first embodiment. In Figure 8, the card user, when purchasing a product, asks member 
store 3000 to use its credit card payment procedure and to use a cellular phone for the credit 
card credit administration process. In member store 3000, naember store inforaiation, such as 
the member store number necessary for card authorization, and transaction information. 
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necessary for credit admiiustration such as the transaction amount, are sent to cellular phone 
100 using cellular phone communication component 310 of transaction terminal 300 in the 
member store. Credit adminisfration processor 121 of main processor 120 of the cellular 
phone adds card information, such as the card number, to the transaction information, such 
5 as the niember store number and transaction amount received, and sends this information for 
use in requesting credit administration through wireless cormnunication component 130 to 
the transaction processor of transaction authorization computer 400. When this request 
received, computer 400 searches the database for the card information and executes credit 
administration. The determination of whetfier card use is allowed, as the result of credit 

10 administration, is carried out in the same maimer as in the embodiment discussed above, by 
confirming "report of loss or theft" information and whether the total amount used on the 
card, including the new transaction amount, exceeds the credit Umit of the card. When credit 
administration results in card use being allowed, computer 400 sends the transaction results 
and the transaction authorization number to cellular phone 100. The subsequent sequence, 

15 including the user validation process, is the same as the process flow shown in Figure 6 for 
the first embodiment. 

[48] With the configurations of the embodiments discussed above, (1) a 
series of credit card transaction processes can be completed without providing card 
information to transaction terminal 300 in the member store, because the credit 

20 achninistration process can use the cellular phone's credit administration processor, and the 
user validation process can use the cellular phone's user validation processor. Moreover, 
because the card information is sent directly to the transaction authorization computer 400 
firom cellular phone 100, the danger of the card information necessary for settlement being 
stolen can be elirninated and high-security transaction processing becomes possible. 

25 (2) Particularly with regard to user identification information, the danger of theft of 

information necessary for user validatioii, such as the PIN, through transaction terminal 300 
at the member store can be eliminated because user validation, such as through PIN input, is 
carried out with cellular telephone 100 carried by the card user. Moreover, the user 
validation process is not possible with a stolen card, because this is a user validation metihod 

30 using a cellular phone 100 that is registered in advance, and fi"audulent use of the credit card 
can be prevented. When both the card and the portable communication terminal are lost, 
fraudulent use of the card can be prevented by carrying out procedures to prevent the use of 
the cellular phone. Because the cellular phone is a personal tool that the user will 
immediately miss if the cellular phone is lost or stolen, measures to prevent fraudulent card 
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use are easy to carry out without delay. (3) With technology using location information for a 
portable conMnimication terminal, fraudulent use is determined in the case of the use of a 
credit card, which has been stolen or for which card information has been copied, at a 
location that is distant from the current location of the valid credit card user carrying a 
5 registered comirumication terminal. The use of the card for a transaction is therefore 

disallowed and fraudulent use can be prevented. (4) Information for the credit card process, 
such as credit admiriistration using a portable communication terminal, is registered as card 
history information; moreover, the addition of the number of uses of the card, the amount 
paid by the card, the points which can be exchanged for additional services in an advertising 

10 campaign, or services such as cash rebates on a certain percentage of the purchase amounts, 
can be provided to benefit the user, member store, and credit company. 

[49] (5) The card user can shop with a high-security credit card system, as 
well receive the added services as in (4) above. (6) The management side of the card 
settlement system, such as credit card companies, banks, and insurance companies, will be 

15 able to improve customer satisfaction with the increased security, and to reduce losses such 
as insurance awards to parties damaged by fraudulent card use. (7) The card member stores 
will see related sales increases from being able to wipe out customer issues such as *Svanting 
to make a purchase but not carrying cash" or "concerns about information leakage in credit 
card transactions, through dealing with a credit card payment systern made safe because of 

20 the high security features. 

[50] Moreover, the card used in the aforementioned embodiments may be a 
card having card identity information stored on a plastic card, a card with card information 
stored as magnetic information on a magnetic strip, a card with card information held in 
semiconductor memory contained in the card, or the like. The card used is not limited to 

25 these physical cards and may also be a virtual card. Furthermore, the credit ID of the user 
may be shown by means other than a card. Also, the cellular phone used in the 
aforementioned embodiments may be a digital cellular phone using the PDC (Personal 
Digital Cellular) system, GSM (Global System for Mobile Communication) system, or 
CDMA (Code Division Multiple Access), or it may be a simple cellular phone on the PHS 

30 (Personal Handyphone System) system, but is not limited to these, and may also be another 
type of portable communication terminal. Moreover, identity-related verification information 
such as the telephone number of the portable communication terminal may be stored in 
removable semiconductor memory in the portable communication terminal and one may 
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replace the semiconductor memory and use the portable communication terminal for its 
original use. 
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